On Friday 28 January 2005 20:20, Timothy Miller wrote: > The X server is, by definition, a priveleged process. You should be > able to trust it to behave correctly and protect the hardware from > errant X clients.
IMHO, this is not the real security issue. The real one reads: you should be able to *not* trust the X server for everything and use the hardware to protect the computer from the X server. Of course, this is not possible wrt to the X display (it _is_ managed by the X server so...). But is should be wrt to, e.g., the memory, the PCI bus, the interruptions, the monitor protection, or even the _console_ text display... Once upon a time, it was rumored that some boards could be used to solder your motherboard... (Of course this was not true.) But what do you think: it was a good hacker or a bad hardware or... both? Rodolphe, security office for a living... ;-) _______________________________________________ Open-graphics mailing list [email protected] http://lists.duskglow.com/mailman/listinfo/open-graphics List service provided by Duskglow Consulting, LLC (www.duskglow.com)
